Ask Your Question
0

can't ssh/ping floating ip of instance

asked 2014-04-27 08:32:23 -0500

alphaz gravatar image

updated 2014-04-27 08:57:07 -0500

larsks gravatar image

Environment: Centos6.5+RDO+havana

I create a instace successfully with (public ip:192.168.226.101,private ip:10.10.10.2). I can ping private ip but I can't ping public ip. I found following information from my dashboard. status of 192.xxx.xxx.xxx are DOWN, status of 10.xx.xx.xx are Active. I'm a newer for openstack.could some help to tell me the solution? or you can tell me how to debug this issue?

(02b8a649)      192.168.226.100 network:router_gateway  DOWN    UP  Edit Port
(566a3ad7)      192.168.226.102 network:floatingip  DOWN    UP  Edit Port
(660d4ae8)      192.168.226.101 network:floatingip  DOWN    UP  Edit Port

private net interface

(29c7c3bb)      10.10.10.2          compute:nova                    ACTIVE  UP  Edit Port
(3055a9a8)      10.10.10.1          network:router_interface    ACTIVE  UP  Edit Port
(a6a7d763)      10.10.10.254    network:router_interface    ACTIVE  UP  Edit Port
(f8781dd1)      10.10.10.3          network:dhcp                    ACTIVE  UP  Edit Port


[root@alpha ~(keystone_admin)]# openstack-status
== Nova services ==
openstack-nova-api:                     active
openstack-nova-cert:                    active
openstack-nova-compute:                 active
openstack-nova-network:                 dead      (disabled on boot)
openstack-nova-scheduler:               active
openstack-nova-conductor:               active
== Glance services ==
openstack-glance-api:                   active
openstack-glance-registry:              active
== Keystone service ==
openstack-keystone:                     active
== Horizon service ==
openstack-dashboard:                    active
== neutron services ==
neutron-server:                         active
neutron-dhcp-agent:                     active
neutron-l3-agent:                       active
neutron-metadata-agent:                 active
neutron-lbaas-agent:                    inactive  (disabled on boot)
neutron-openvswitch-agent:              active
== Swift services ==
openstack-swift-proxy:                  active
openstack-swift-account:                active
openstack-swift-container:              active
openstack-swift-object:                 active
== Cinder services ==
openstack-cinder-api:                   active
openstack-cinder-scheduler:             active
openstack-cinder-volume:                active
== Ceilometer services ==
openstack-ceilometer-api:               active
openstack-ceilometer-central:           active
openstack-ceilometer-compute:           active
openstack-ceilometer-collector:         active
openstack-ceilometer-alarm-notifier:    active
openstack-ceilometer-alarm-evaluator:   active
== Support services ==
mysqld:                                 active
libvirtd:                               active
openvswitch:                            active
messagebus:                             active
tgtd:                                   active
qpidd:                                  active
memcached:                              active
== Keystone users ==
+----------------------------------+------------+---------+--------------------------+
|                id                |    name    | enabled |          email           |
+----------------------------------+------------+---------+--------------------------+
| 203938cc33b440f0b11927fd025c53f4 |   admin    |   True  |      test@test.com       |
| c7d5dbd22f5549689cd118484f7afacb |   alphaz   |   True  | alpha.zhang@centling.com |
| c1366e2f3cc94e558861fa6b08d84914 | ceilometer |   True  |   ceilometer@localhost   |
| 442cb4e41ec344cf8d9e418f40450f18 |   cinder   |   True  |     cinder@localhost     |
| 67600fa19a62438d8f67f0378595c71c |   glance   |   True  |     glance@localhost     |
| 6aa5560877864193a080557dca52b0d8 |  neutron   |   True  |    neutron@localhost     |
| f4e4f3783b0f484fb8f14aa95064f249 |    nova    |   True  |      nova@localhost      |
| 2f819f003fa44ba684cd59de3efd3b70 |   swift    |   True  |     swift@localhost      |
+----------------------------------+------------+---------+--------------------------+
== Glance images ==

+--------------------------------------+------+-------------+------------------+-----------+--------+
| ID                                   | Name | Disk Format | Container Format | Size      | Status |
+--------------------------------------+------+-------------+------------------+-----------+--------+
| 1333c7da-c410-4395-b0b9-2e10ef05d2c8 | net  | qcow2       | bare             | 260243968 | active |
+--------------------------------------+------+-------------+------------------+-----------+--------+
== Nova managed services ==
+------------------+--------------------+----------+---------+-------+----------------------------+-----------------+
| Binary           | Host               | Zone     | Status  | State | Updated_at                 | Disabled Reason |
+------------------+--------------------+----------+---------+-------+----------------------------+-----------------+
| nova-consoleauth | alpha.centling.com | internal | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
| nova-conductor   | alpha.centling.com | internal | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
| nova-scheduler   | alpha.centling.com | internal | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
| nova-compute     | alpha.centling.com | nova     | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
| nova-cert        | alpha.centling.com | internal | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
+------------------+--------------------+----------+---------+-------+----------------------------+-----------------+
== Nova networks ==
+--------------------------------------+-------+------+
| ID                                   | Label | Cidr |
+--------------------------------------+-------+------+
| 3e92a5bf-6587-46d6-9e68-46e67c01becb | net2  | -    |
| 9a3566ce-bba7-4f9c-9cf6-c0a716a5e456 | net1  | -    |
+--------------------------------------+-------+------+
== Nova instance flavors ==
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1  | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |
| 2  | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |
| 3  | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |
| 4  | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |
| 5  | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
== Nova instances ==
+--------------------------------------+------+--------+------------+-------------+----------------------------------+
| ID                                   | Name | Status | Task State | Power State | Networks                         |
+--------------------------------------+------+--------+------------+-------------+----------------------------------+
| da38397a-4fb0-4331-a289-99384b2a5c31 | 1234 | ACTIVE | -          | Running     | net1=192.168.226.106             |
| 52182671-30f3-48b0-b7c6-2b9eb385ced2 | net  | ACTIVE | -          | Running     | net2=10.10.10.2, 192.168.226.101 |
+--------------------------------------+------+--------+------------+-------------+----------------------------------+



br-ex     Link encap:Ethernet ...
(more)
edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-04-27 09:16:32 -0500

dbaxps gravatar image 
Source keystonerc_demo ( or keystonerc_user1 , user should be created before for particlular tenant) 

 $ cat >> ~/keystonerc_admin <<EOF
  export OS_USERNAME=admin
  export OS_TENANT_NAME=admin
  export OS_PASSWORD=xxxxxxxx
  export OS_AUTH_URL=http://192.168.1.127:35357/v2.0/
  export PS1='[\u@\h \W(keystone_admin)]\$ '
  EOF

  $ . keystonerc_admin

  $ keystone user-create --name user1 --pass xxxxxx1
  WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
  +----------+----------------------------------+
  | Property |              Value               |
  +----------+----------------------------------+
  |  email   |                                  |
  | enabled  |               True               |
  |    id    | 1c18b2231aa34dbe9c31cd390aaedb42 |
  |   name   |             user1              |
  +----------+----------------------------------+

  $ keystone role-create --name user
  WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
  +----------+----------------------------------+
  | Property |              Value               |
  +----------+----------------------------------+
  |    id    | 6fac6b1cd0c24ba0a949d12acc757311 |
  |   name   |               user               |
  +----------+----------------------------------+

  $ keystone tenant-create --name ostenant
  WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
  +-------------+----------------------------------+
  |   Property  |              Value               |
  +-------------+----------------------------------+
  | description |                                  |
  |   enabled   |               True               |
  |      id     | 2c845a6ad20e45ccb0b045cee27a9661 |
  |     name    |             ostenant             |
  +-------------+----------------------------------+

  $ keystone user-role-add --user user1 \
  --role user --tenant ostenant

$ cat >> ~/keystonerc_user1 <<EOF
  export OS_USERNAME=user1
  export OS_TENANT_NAME=ostenant
  export OS_PASSWORD=xxxxxxx1
  export OS_AUTH_URL=http://192.168.1.127:35357/v2.0/
  export PS1='[\u@\h \W(keystone_user1)]\$ '
  EOF


     and run :

     Add the security rules
    ----------------------

     $ neutron security-group-rule-create --protocol icmp  --direction ingress --remote-ip-prefix 0.0.0.0/0 default
     $ neutron security-group-rule-create --protocol tcp   --port-range-min 22 --port-range-max 22  --direction ingress    --remote-ip-prefix 0.0.0.0/0  default

  Or add security rules via dashboard :

Add security rules for ICMP and TCP

edit flag offensive delete link more

Comments

Regarging "(02b8a649) 192.168.226.100 network:router_gateway DOWN UP Edit Port"
Please,view report from working system here
It's normal. VM with floating IP 192.168.110 is currently up and runnig.

dbaxps gravatar imagedbaxps ( 2014-04-27 09:56:48 -0500 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2014-04-27 08:32:23 -0500

Seen: 965 times

Last updated: Apr 27 '14

Related questions

Cannot ping/ssh to CirrOS/Ubuntu instance

flat public network ping/ssh fails for instances

Nova Instances : can't ping

can't ping or ssh cirros vm floating ip

unable to ssh my instance with its floating ip [closed]

Traffic Not Reaching TAP Interface

Offline migration without ssh key

Router VM not forwarding Ping reply

can't ping from controller node to external network

Linuxbridge router unable to ping gateway rocky